<?
require 'global.php';
$url='password';

if($customer_id==0) { header('Location:login.html'); exit; }
$gee=$customer;

$action='you guess';
if(isset($_POST["action"]) && $_POST["action"]!="")$action=clean($_POST["action"]);
if($action=='repwd'){
	$key='you guess'; // safety key 安全码, 过滤非法提交
	if(isset($_POST["key"]) && $_POST["key"]!="") $key=clean($_POST["key"]);
	if($key != md5('ecomgear'.date('Ymd'))){ yell('请勿非法提交数据, 谢谢.','./'); exit; }

	$password='';
	if(isset($_POST["password"]) && $_POST["password"]!="") $password=clean($_POST["password"]);
	if($password==''){ wheel('./'); exit; }

	$arr=array(
		'password'=>sha1($password),
	);

	//pre($arr); exit;
	try{
		$gee->update($arr,'id',$customer_id);
		yell(WEB_UPDATED_SUCCESSFULLY, 'member.php');
	}
	catch(Exception $e){
		yell(WEB_UPDATE_FAILED, 'member.php');
	}
}

$info=$customer->get_row($customer_id);

// SEO 
$cate_name=WEB_PASSWORD_MANAGEMENT;
$title=$cate_name.' - '.$config['SITE_COMPANY_'.LANG];
$dpn=$kwd=$title;

// view 加载视图
require VIEW.$url.'.php';

// end of file
